Templates
Templates are reusable campaign configurations that combine domains, email delivery settings (SMTP or API), email designs, and page flow. They streamline campaign creation by providing templates that can be used across multiple campaigns.
Overview
The templates overview displays all available simulation templates, their configuration status, and associated components.
| Component | Description |
|---|---|
| Template Name | Descriptive identifier for the template configuration |
| Domain | Configured domain for hosting phishing landing pages |
| SMTP Configuration | SMTP server settings for traditional email delivery |
| API Sender | API-based email delivery service configuration |
| Email Template | Pre-designed email content used for phishing lures |
| Before Landing | Optional initial page or proxy page used before the main phishing page |
| Main Landing Page | Primary phishing page or proxy page |
| After Landing | Optional post-capture proxy for extended simulation scenarios |
| Completion Status | Indicates if template is ready for use. Incomplete templates may have missing or deleted required components |
Creating new Templates
Prerequisites
Before creating a template, ensure the following components are configured:
- Domain Configuration - Configured domain for hosting phishing pages
- Email Delivery Method - Either an SMTP sender or API sender for email delivery
- Email Template - Designed phishing email content with appropriate lures
- Page - At least one landing page or proxy
Begin template creation by clicking New Template on the templates page to access the
configuration wizard.
Basic information
| Setting | Description |
|---|---|
| Template Name | Descriptive name to identify this template configuration |
| Delivery Method | Choose between SMTP server delivery or API-based email sending |
Delivery Configuration
| Component | Description |
|---|---|
| SMTP Configuration | Pre-configured SMTP server settings for traditional email delivery |
| API Sender | API-based email service configuration for advanced delivery options |
| Email Template | Pre-designed email content that will be sent to recipients |
Domain and URL Configuration
| Setting | Description |
|---|---|
| Domain Selection | Choose the configured domain for hosting phishing landing pages |
| URL Path | Custom path segment added to domain URLs for added realism and context (e.g., /login, /secure, /update) |
| Query Parameter Key | Parameter name used in URLs to identify individual recipients. Customizable for URL authenticity |
| Session State Key | Parameter for recording multi-page navigation flow when using sequential landing pages |
Page Flow Configuration
The page flow defines the user journey after clicking the phishing email link. This sequence can include multiple pages to create attack scenarios.
| Page Type | Purpose and Description |
|---|---|
| Pre-Landing Page | Initial page for user engagement, credential collection, or traffic filtering before the main simulation |
| Pre-Landing Proxy | Initial proxy configuration for intercepting traffic to legitimate websites before the main campaign interaction |
| Main Landing Page | Primary phishing simulation page where user interactions and data collection occur |
| Landing Proxy | Primary proxy configuration for main campaign interaction, capturing credentials and session data from real applications |
| Post-Landing Page | Redirect page shown after interaction completion. Used for displaying information or redirection |
| After Landing Proxy | Post-capture proxy interaction for additional data collection or extended simulation scenarios |
| POST Redirect URL | Gophish compatible URL. (Campaign URL in Gophish) Use this keep the behavior of Gophish campaign, were after the final POST request, it redirect to this URL to complete the campaign for the recipient. Note: Does not work with proxy configurations. |